Direct Error for manageTaskScheduler : SunCertPathBuilderException: unable to find valid certification path to requested target

classic Classic list List threaded Threaded
2 messages Options
Reply | Threaded
Open this post in threaded view
|

Direct Error for manageTaskScheduler : SunCertPathBuilderException: unable to find valid certification path to requested target

psrleo3
HI,
Am getting to see the this exception:
Caused by: javax.mail.MessagingException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target;

I have deployed the Connect with direct ear to the Jboss application server.
Followed the steps as mentioned in the below url, generated, configured the certificates, keystores, truststore files as mentioned in the below link
https://github.com/CONNECT-Solution/CONNECT/tree/CONNECT_integration/Product/Production/Services/DirectCore


Configured the Domain, Agent settings, Certificates in the AdminGUICOnsole, also updated the direct.mail.external and internal properties files accordingly.

Uncommented the below lines from the direct.appcontext.xml
<task:scheduled-tasks scheduler="directScheduler">
        <task:scheduled ref="outboundMessagePoller" method="poll" cron="0,30 * * * * *"/>
        <task:scheduled ref="inboundMessagePoller" method="poll" cron="15,45 * * * * *"/>
    </task:scheduled-tasks>
    <task:scheduler id="directScheduler" />
    <bean id="manageTaskScheduler" class="gov.hhs.fha.nhinc.mail.ManageTaskScheduler" init-method="init" destroy-method="clean">
        <constructor-arg ref="directScheduler"/>
    </bean>

I am getting to see the error in the EventDB for the event table as
DIRECT_ERROR {"timestamp":"2016-10-19T16:30:45.162+0530","action":"DIRECT_ERROR","statuses":["error"],"error_msg":"Exception while polling mail server.Could not retrieve opened folder: Inbox for READ_WRITE"} (null) Direct urn:oid:81.0

In the Logs am getting to see the following Exception:-

      at org.springframework.scheduling.support.MethodInvokingRunnable.run(MethodInvokingRunnable.java:65) [spring-context-3.0.7.RELEASE.jar:3.0.7.RELEASE]
        at org.springframework.scheduling.support.DelegatingErrorHandlingRunnable.run(DelegatingErrorHandlingRunnable.java:51) [spring-context-3.0.7.RELEASE.jar:3.0.7.RELEASE]
        at org.springframework.scheduling.concurrent.ReschedulingRunnable.run(ReschedulingRunnable.java:81) [spring-context-3.0.7.RELEASE.jar:3.0.7.RELEASE]
        at java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:471) [rt.jar:1.7.0_79]
        at java.util.concurrent.FutureTask.run(FutureTask.java:262) [rt.jar:1.7.0_79]
        at java.util.concurrent.ScheduledThreadPoolExecutor$ScheduledFutureTask.access$201(ScheduledThreadPoolExecutor.java:178) [rt.jar:1.7.0_79]
        at java.util.concurrent.ScheduledThreadPoolExecutor$ScheduledFutureTask.run(ScheduledThreadPoolExecutor.java:292) [rt.jar:1.7.0_79]
        at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1145) [rt.jar:1.7.0_79]
        at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:615) [rt.jar:1.7.0_79]
        at java.lang.Thread.run(Thread.java:745) [rt.jar:1.7.0_79]
Caused by: javax.mail.MessagingException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target;
  nested exception is:
        javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
        at com.sun.mail.imap.IMAPStore.protocolConnect(IMAPStore.java:665) [mail-1.4.4.jar:1.4.4]
        at javax.mail.Service.connect(Service.java:317) [mail-1.4.4.jar:1.4.4]
        at javax.mail.Service.connect(Service.java:176) [mail-1.4.4.jar:1.4.4]
        at javax.mail.Service.connect(Service.java:125) [mail-1.4.4.jar:1.4.4]
        at gov.hhs.fha.nhinc.mail.ImapMailReceiver.getInbox(ImapMailReceiver.java:152) [DirectCore-4.5.0.jar:]
        ... 16 more
Caused by: javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
        at sun.security.ssl.Alerts.getSSLException(Alerts.java:192) [jsse.jar:1.7.0_79]
        at sun.security.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1904) [jsse.jar:1.7.0_79]
        at sun.security.ssl.Handshaker.fatalSE(Handshaker.java:279) [jsse.jar:1.7.0_79]
        at sun.security.ssl.Handshaker.fatalSE(Handshaker.java:273) [jsse.jar:1.7.0_79]
        at sun.security.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1446) [jsse.jar:1.7.0_79]
        at sun.security.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:209) [jsse.jar:1.7.0_79]
        at sun.security.ssl.Handshaker.processLoop(Handshaker.java:901) [jsse.jar:1.7.0_79]
        at sun.security.ssl.Handshaker.process_record(Handshaker.java:837) [jsse.jar:1.7.0_79]
        at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:1023) [jsse.jar:1.7.0_79]
        at sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1332) [jsse.jar:1.7.0_79]
        at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1359) [jsse.jar:1.7.0_79]
        at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1343) [jsse.jar:1.7.0_79]
        at com.sun.mail.util.SocketFetcher.configureSSLSocket(SocketFetcher.java:507) [mail-1.4.4.jar:1.4.4]
        at com.sun.mail.util.SocketFetcher.getSocket(SocketFetcher.java:238) [mail-1.4.4.jar:1.4.4]
        at com.sun.mail.iap.Protocol.<init>(Protocol.java:113) [mail-1.4.4.jar:1.4.4]
        at com.sun.mail.imap.protocol.IMAPProtocol.<init>(IMAPProtocol.java:110) [mail-1.4.4.jar:1.4.4]
        at com.sun.mail.imap.IMAPStore.protocolConnect(IMAPStore.java:632) [mail-1.4.4.jar:1.4.4]
        ... 20 more
Caused by: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
        at sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:385) [rt.jar:1.7.0_79]
        at sun.security.validator.PKIXValidator.engineValidate(PKIXValidator.java:292) [rt.jar:1.7.0_79]
        at sun.security.validator.Validator.validate(Validator.java:260) [rt.jar:1.7.0_79]
        at sun.security.ssl.X509TrustManagerImpl.validate(X509TrustManagerImpl.java:326) [jsse.jar:1.7.0_79]
        at sun.security.ssl.X509TrustManagerImpl.checkTrusted(X509TrustManagerImpl.java:231) [jsse.jar:1.7.0_79]
        at sun.security.ssl.X509TrustManagerImpl.checkServerTrusted(X509TrustManagerImpl.java:126) [jsse.jar:1.7.0_79]
        at sun.security.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1428) [jsse.jar:1.7.0_79]
        ... 32 more
Caused by: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
        at sun.security.provider.certpath.SunCertPathBuilder.engineBuild(SunCertPathBuilder.java:196) [rt.jar:1.7.0_79]
        at java.security.cert.CertPathBuilder.build(CertPathBuilder.java:268) [rt.jar:1.7.0_79]
        at sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:380) [rt.jar:1.7.0_79]
        ... 38 more

16:57:00,158 INFO  [gov.hhs.fha.nhinc.event.Log4jEventLogger] (directScheduler-1) DIRECT_ERROR has triggered. It has messageID null, transactionID  and description {"timestamp":"2016-10-20T16:57:00.152+0530","action":"DIRECT_ERROR","statuses":["error"],"error_msg":"Exception while polling mail server.Could not retrieve opened folder: Inbox for READ_WRITE"}
16:57:00,158 ERROR [org.springframework.scheduling.support.MethodInvokingRunnable] (directScheduler-1) Invocation of method 'poll' on target class [class gov.hhs.fha.nhinc.direct.DirectMailPoller] failed: gov.hhs.fha.nhinc.direct.DirectException: Exception while polling mail server.
        at gov.hhs.fha.nhinc.direct.DirectMailPoller.handleException(DirectMailPoller.java:52) [DirectCore-4.5.0.jar:]
        at gov.hhs.fha.nhinc.mail.AbstractMailPoller.poll(AbstractMailPoller.java:58) [DirectCore-4.5.0.jar:]
        at sun.reflect.GeneratedMethodAccessor228.invoke(Unknown Source) [:1.7.0_79]
        at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) [rt.jar:1.7.0_79]
        at java.lang.reflect.Method.invoke(Method.java:606) [rt.jar:1.7.0_79]

Any suggestions will be appreciated and am I missing anything here.

Thanks,
Sudhakar

Reply | Threaded
Open this post in threaded view
|

Re: Direct Error for manageTaskScheduler : SunCertPathBuilderException: unable to find valid certification path to requested target

Minh
Administrator
Hi Sudhakar,

The underline problem is you don't have mail server certification inside your public keystore.  That why it could not allow you to login.  Can you verify that you have mail server inside your public keystore (cacerts.jks)?

For survey purpose, what organization or government agency do you support?

Thanks,
Minh-Hai Nguyen
CONNECT Product Team Member